Search form

Docker Security

Docker is committed to building secure products, providing best practices and responding quickly to any issues or vulnerabilities. As a community we are all part of the process in discovery, reporting and remediating issues.

Latest Tools and Resources

Security Blog

At Docker, we believe the best insights come from the developers and IT pros using the Docker platform every day. Since the launch of Docker Enterprise Edition, we learned three things from our customers. First, a top goal in enterprise IT is to deliver value to customers (internal business units or external clients)…and to do so fast. Second, most enterprises believe that Docker is at the center of their IT platform. Finally, most enterprises’ biggest challenge is moving their containerized applications to production in time to prove value. My DockerCon talk focused on addressing the third item, which seems to be a critical one for many of our customers. In our recent customer engagements, we’ve seen a pattern of common challenges when designing and deploying Docker in an enterprise environment. Particularly, customers are struggling to find best practices to speed Continue reading...

As you may have heard, the Notary project has been invited to join the Cloud Native Computing Foundation (CNCF). Much like its real world namesake, Notary is a platform for establishing trust over pieces of content. In life, certain important events such as buying a house are facilitated by a trusted third party called a “notary.” When buying a house, this person is typically employed by the lender to verify your identity and serve as a witness to your signatures on the mortgage agreement. The notary carries a special stamp and will also sign the documents as an affirmation that a notary was present and verified all the required information relating to the borrowers. In a similar manner, the Notary project, initially sponsored by Docker, is designed to provide high levels of trust over digital content using strong cryptographic signatures. In addition Continue reading...

The latest release of Docker Enterprise Edition (EE) allows organizations to modernize Windows, Linux, and Linux-on-mainframe applications—all with minimal disruption. The release also allows organizations to run containers at scale with advanced capabilities around secure multi-tenancy and policy-based automation. In last week’s webinar, we walked through the key new features of this release and saw a demo of Docker EE in action. If you missed the webinar, you can watch it here: Here are the top questions from the webinar: Q: Can you provide more information about Windows support? Which version of Windows? Is this only available with Docker Enterprise Edition? A: You can run Windows Docker containers either with Docker Community Edition for Windows (PC) which supports Windows 10 or Docker Enterprise Edition for Windows Server 2016 (including Nano Server). Docker EE Basic is included with the Windows Server 2016 Continue reading...